4765 matches found
USN-2332-1: Linux kernel vulnerabilities
A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service system crash via an open system call. CVE-2014-0203 Toralf Förster reported an error in the Linux kernels syscall auditing on 32 bit...
Kernel: filter: prevent nla extensions to peek beyond the end of the message
The 1 BPFSANCNLATTR and 2 BPFSANCNLATTRNEST extension implementations in the skrunfilter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service integer underflow and...
CVE-2014-1359
Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application...
CVE-2014-1359
CVE-2014-1359 affects Apple iOS < 7.1.2, OS X < 10.9.4, and Apple TV
FreeType TTF File Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18326/info FreeType is prone to a buffer-overflow vulnerability. This issue is due to an integer-underflow that results in a buffer being overrun with attacker-supplied data. This issue allows remote attackers to execute...
tcpdump Print-bgp.C Remote Integer Underflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24965/info The 'tcpdump' utility is prone to an integer-underflow vulnerability because it fails to bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. An attacker can exploit th...
File(1) <= 4.13 Command File_PrintF Integer Underflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23021/info The file1 command is prone to an integer-underflow vulnerability because the command fails to adequately handle user-supplied data. An attacker can leverage this issue to corrupt heap memory and execute arbitra...
Linux Kernel 2.6.x IPTables Logging Rules Integer Underflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11488/info It is reported that an integer underflow vulnerability is present in the iptables logging rules of the Linux kernel 2.6 branch. A remote attacker may exploit this vulnerability to crash a computer that is runni...
Kernel: filter: prevent nla extensions to peek beyond the end of the message
The 1 BPFSANCNLATTR and 2 BPFSANCNLATTRNEST extension implementations in the skrunfilter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service integer underflow and...
openSUSE Security Update : libfreetype6 (openSUSE-SU-2010:0549-1)
This update of freetype2 fixes several vulnerabilities that could lead to remote system compromise by executing arbitrary code with user privileges : - CVE-2010-1797: stack-based buffer overflow while processing CFF opcodes - CVE-2010-2497: integer underflow - CVE-2010-2498: invalid free -...
openSUSE Security Update : pixman (openSUSE-SU-2014:0007-1)
Added pixman-bnc853824-bfo67484-CVE-2013-6425-fix-underflow.pa tch for bnc853824. Fixes an integer underflow bug which can cause a crash. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : pixman (openSUSE-SU-2014:0014-1)
Added pixman-bnc853824-bfo67484-CVE-2013-6425-fix-underflow.pa tch for bnc853824. Fixes an integer underflow bug which can cause a crash. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : pixman (openSUSE-SU-2014:0011-1)
Added pixman-bnc853824-bfo67484-CVE-2013-6425-fix-underflow.pa tch for bnc853824. Fixes an integer underflow bug which can cause a crash. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : flash-player (openSUSE-SU-2014:0197-1)
Flash Player received an out of band critical security update to fix an integer underflow vulnerability that could be exploited to execute arbitrary code on the affected system CVE-2014-0497. More information can be found on: http://helpx.adobe.com/security/products/flash-player/apsb14-04.html...
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2011:1079-1)
Mozilla Firefox was updated to version 3.6.23, fixing various bugs and security issues. MFSA 2011-36: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption...
OpenSSL < 0.9.8za / < 1.0.0m / < 1.0.1h Multiple Vulnerabilities
Binary data 8253.prm...
CVE-2014-3152
Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a...
CVE-2014-3152
Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a...
CVE-2014-3152
Removed by vendor...
CVE-2014-3152
Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a...